[KB7799] ESET PROTECT Web Console does not load (8.x–9.x)

Issue

Solution

  1. Restart the services for ESET PROTECT Server and Apache Tomcat
  2. Check for port conflicts
  3. Reinstall Apache Tomcat and Web Console

If ESET PROTECT Web Console will not start, or if the login screen appears to load constantly without opening, follow the instructions below. Start with part I and only continue to the next part if the issue is not resolved.

I. Restart the services for ESET PROTECT Server and Apache Tomcat

  1. Make sure you are using a supported web browser to access ESET PROTECT Web Console.

  2. Restart the ESET PROTECT Server service.

  3. Restart the Apache Tomcat service.

  4. Open the ESET PROTECT Web Console in your web browser and log in.

If the ESET PROTECT Web Console login screen does not load successfully, continue to part II.


II. Check for port conflicts

  1. Press the Windows  key + R, type cmd into the field and click OK to open a command prompt.

  2. Type the following command:

    netstat –aobn 
    Figure 1-1
  3. Verify that Tomcat9.exe is listening on port 443 or 8443. Change the port used by the ESET PROTECT Web Console.

  4. Open the ESET PROTECT Web Console in your web browser and log in.

If the ESET PROTECT Web Console login screen does not load successfully, continue to part III.


III. Reinstall Apache Tomcat and Web Console

Web Console 404 error

If you receive Web Console 404 error, ESET recommends uninstalling and reinstalling the Web Console using the All-on-one installer as described in this section below.

You can reinstall Tomcat and Web Console using the All-in-one installer.

  1. Back up the following files from the Tomcat folder (the path to the folder may differ based on your Tomcat installation):

    C:\Program Files\Apache Software Foundation\apache-tomcat-9.0.40\.keystore
    C:\Program Files\Apache Software Foundation\apache-tomcat-9.0.40\conf\server.xml
    C:\Program Files\Apache Software Foundation\apache-tomcat-9.0.40\webapps\era\WEB-INF\classes\sk\eset\era\g2webconsole\server\modules\config\EraWebServerConfig.properties

    If you are using a custom SSL certificate store in the Tomcat folder, also back up that certificate.

  2. Download the ESET PROTECT All-in-one installer.

  3. Extract the downloaded file and run the Setup.exe application. Click Run when prompted by the security warning.

    Figure 2-1
  4. Set the language of your installation in the Language drop-down menu and click Next.

  5. Select Uninstall and click Next.

    Figure 2-2
  6. Accept the End User License Agreement and click Next.

  7. Deselect all components except ESET PROTECT Webconsole and Apache Tomcat and click Uninstall.

    Figure 2-3
  8. When the process is finished, click Finish.

  9. Run the Setup.exe application again. Click Run when prompted by the security warning.

  10. Set the language of your installation in the Language drop-down menu and click Next.

  11. Select Install and click Next.

  12. Select I accept the terms in the license agreement and click Next to continue.

  13. Select only ESET PROTECT Webconsole and Apache Tomcat and click Next.

    Figure 2-4
  14. Select an existing JDK instance (since you are reinstalling the Tomcat, you already have the necessary JDK on your system). Click Install and wait until the installation is completed.

    Figure 2-5
  15. Click Finish to close the installation window.

  16. Restore the backup files from step 1 to their locations.

  17. Run the Services application from the Start Menu.

    Figure 2-6
  18. Restart the Apache Tomcat service.

    Figure 2-7

If you do not want to use .keystore and server.xml files from the Apache Tomcat backup, follow the steps below to generate a new keystore:

Generate a new keystore

Back up the keystore and server.xml

The instructions below will create new .keystore and server.xml files. Alternatively, you can back up these files and replace them in the standard installation folder location. Use the following examples as reference:

.keystore: C:\Program Files\Apache Software Foundation\apache-tomcat-9.0.40\.keystore

server.xml: C:\Program Files\Apache Software Foundation\apache-tomcat-9.0.40\conf\server.xml

  1. Navigate to the bin folder in the current Java directory (for example, C:\Program Files\Amazon Corretto\jdk11.0.10_9\bin\) in the command line and run the following command after substituting your values for bin folder, password and certificate information (see the note below for more information).

    keytool.exe -genkey -alias "tomcat" -keyalg RSA -keysize 4096 -validity 3650 -keystore "C:\Program Files\Apache Software Foundation\apache-tomcat-9.0.40\.keystore" -storepass "yourpassword" -keypass "yourpassword" -dname "CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown"

    Substitute your own values in the command
    • Enter your password here. The password will be stored in a plain text later, so entering a new password is recommended.

    • Enter the certificate information:

      CN: Common Name (identifies the fully qualified domain names associated with the certificate)

      OU: Organizational Unit

      O: Organization (Business name)

      L: Locality (City)

      ST: State

      C: Country code

  1. Open the server.xml file located at the following path:

    C:\Program Files\Apache Software Foundation\apache-tomcat-9.0.40\conf\server.xml
  2. Search or scroll until you find and edit the area for connector ports by pasting the following code in server.xml:

    "443" server="EraServer" />
    <Connector server="OtherWebServer" port="443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="C:\Program Files\Apache Software Foundation\apache-tomcat-9.0.40\.keystore" keystorePass="YOURPASSWORD" keyAlias="tomcat" sslEnabledProtocols="TLSv1.2,TLSv1.3" ciphers="TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256, TLS_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA" />
    Important!
    • Change port 443 to 8443 if 443 is already in use.

    • In the field keystorePass=YOURPASSWORD, type the keystore password that was used during keystore generation.

    Figure 2-8
  3. At the following location, create a new folder and name it era:

    C:\Program Files\Apache Software Foundation\apache-tomcat-9.0.40\webapps

  4. Change the filename era.war (from the era installer folder) to era.zip.

  5. Extract the era.zip files to the following location:

    C:\Program Files\Apache Software Foundation\apache-tomcat-9.0.40\webapps\era

  6. Start the Apache Tomcat service.

  7. Set the Tomcat9 service startup type service to Automatic.

  8. Open the ESET PROTECT Web Console in your web browser and log in.

If the ESET PROTECT Web Console login screen does not load successfully, visit the related articles below or contact ESET technical support.